Dumped hard drives with US defense data have turned up for open sale in a West African market.
A team of Canadian journalism students bought a hard drive containing information on multi-million dollar contracts between military contractor Northrop Grumman and the Pentagon for just $40 in a market near Accra, Ghana. The exercise …

Heh!

Comment

Glad they intend to investigate this. Perturbed that it sounds like they are pointing a finger at an asset disposal vendor (outsourced). If the item contains sensitive information, then the company needs to take the responsibility to purge the data before any vendor takes possession it.

All that is required

for me to ship these to you is that you email me your bank account details and fax me a signed authorisation to despatch the goods. I shall also need $US400 for customs payment. May god thank you and the 4000 billion Nigerian shillings shall be in your bank account later this week

par for the course

As smaller merchants are being hammered on a daily basis for new Visa/Mastercard regulations, government contracts requiring background checks of all employees working in facilities servicing the government, we have this going on.

This goes to show who's really to blame with well pretty much every single thing wrong in this country of ours.

Look at the fall of the banks, now look at them saying to the lenders "loosen up your practices, lend to those that have no credit.

Look at all the PCI/DSS requirements Visa/Mastercard are putting on merchants while companies like Sears and TJ Max stored data so insecurely it's a miracle that nothing large ever happened at Sears and that more didn't happen with TJ Max.

Im sure this has to do with what was said about the disposal efforts being outsourced. I wonder if our government requires background checks from China when attempting to purchase x-ray and other security scanning equipment for California from China since it was cheaper. I think the deal fell through but only after it was exposed.

Take no notice of anonymous coward

I am Mr Ambi Gobeangi and I work for one of the worlds biggest legal companies, and have just discovered $150,000,000,000 in the will of your Great Aunt Jarazma. She popped her clogs last year and we have been desperately trying to find you. If you would kindly let me have your account details then I can see to it that you will be in receipt of this money by the end of the week. And as a sign of good faith I will arrange for some young, beautiful virgins to stop by and give you something you will remember for the rest of your life (they have been certified by the world health authorities so I know they are okay).

And Paris just so that we can remember what a virgin doesn't look like.

plus ce change.

Blame the underpaid Outsourced staff again, why don't they? Pay peanuts, let all the experienced staff go first as their salaries cost more and wonder why the morons fresh out of school don't have a fscking clue.

Bitter and twisted after getting shafted with 22 years of service? Hell yes!

@Clint and John: Fail to read often?

It said the information was about the contracts, not the classified material itself. Information about the contracts is rarely classified secret or better by the government. From the context of the article, it isn't even clear that it is government sensitive (aka 'For Governmental Use Only'), not company sensitive. As such it needn't be encrypted or require clearance.

AC 25-06-09 20:25 is closet to what ought to happen here. To be really secure the company has to wipe the disks before they leave the premises. That being said, there are reputable companies that are engaged solely in the secure destruction of classified hard drives. The gear to degauss then shred hard drives is pretty expensive. It is more efficient for most companies to contract to them for the certified destruction of classified materials. But such companies themselves ought to be secure against the kind of theft NG is alleging is the cause of the drive being available.

Still it is an Epic Fail by NG, becauase ultimately, they are responsible for the safety of the data, and that responsibility is non-transferable.

Fail to read often?

The information is about the contracts ... agreed. Most contracts I've seen contain sensitive information like (RFQ - Request for Quotes) for a financial reference along with the necessary engineering prints and processes required for a company to analyze during their bidding procedures.

Why attempt to wipe the disk at all? For security, just scrap the disk, cut and shred it for recycling. The technology will be old and obsolete soon enough.